diff options
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch new file mode 100644 index 0000000000..d6c7067715 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From ab419ddbb2cdd17ca83618990f2cacf904ce1d61 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alan Modra <amodra@gmail.com> | ||
3 | Date: Tue, 23 Oct 2018 18:29:24 +1030 | ||
4 | Subject: [PATCH] PR23804, buffer overflow in sec_merge_hash_lookup | ||
5 | |||
6 | PR 23804 | ||
7 | * merge.c (_bfd_add_merge_section): Don't attempt to merge | ||
8 | sections where size is not a multiple of entsize. | ||
9 | |||
10 | Upstream-Status: Backport | ||
11 | CVE: CVE-2018-18605 | ||
12 | Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> | ||
13 | --- | ||
14 | bfd/ChangeLog | 6 ++++++ | ||
15 | bfd/merge.c | 3 +++ | ||
16 | 2 files changed, 9 insertions(+) | ||
17 | |||
18 | diff --git a/bfd/ChangeLog b/bfd/ChangeLog | ||
19 | index 31ff3d6..da423b1 100644 | ||
20 | --- a/bfd/ChangeLog | ||
21 | +++ b/bfd/ChangeLog | ||
22 | @@ -1,3 +1,9 @@ | ||
23 | +2018-10-23 Alan Modra <amodra@gmail.com> | ||
24 | + | ||
25 | + PR 23804 | ||
26 | + * merge.c (_bfd_add_merge_section): Don't attempt to merge | ||
27 | + sections where size is not a multiple of entsize. | ||
28 | + | ||
29 | 2018-10-13 Alan Modra <amodra@gmail.com> | ||
30 | |||
31 | PR 23770 | ||
32 | diff --git a/bfd/merge.c b/bfd/merge.c | ||
33 | index 7904552..5e3bba0 100644 | ||
34 | --- a/bfd/merge.c | ||
35 | +++ b/bfd/merge.c | ||
36 | @@ -376,6 +376,9 @@ _bfd_add_merge_section (bfd *abfd, void **psinfo, asection *sec, | ||
37 | || sec->entsize == 0) | ||
38 | return TRUE; | ||
39 | |||
40 | + if (sec->size % sec->entsize != 0) | ||
41 | + return TRUE; | ||
42 | + | ||
43 | if ((sec->flags & SEC_RELOC) != 0) | ||
44 | { | ||
45 | /* We aren't prepared to handle relocations in merged sections. */ | ||
46 | -- | ||
47 | 2.9.3 | ||